Call +44 3333 444 256
Hedgehog Security, a CREST member company, strives to deliver the best cyber security to our clients through our research driven innovative services.
At Hedgehog Security we believe every business has the right to a safer connected world. Our mission is to deliver that.
Honesty | Integrity | Excellence
Our Penetration Testing team are on hand to carry out all aspects of pen testing from single web and mobile applications, through infrastructure and SCADA testing all the way to Red Team engagements. Our business is fully CREST registered and we have CREST CRT and TIGER qualified penetration testers available to work on any penetration testing needs you have. >> READ MORE
Being the first ever company to offer a vCISO service (Virtual Chief Information Security Officer), we have often been copied but never surpassed. Our team of CISOs are here 24×7 to assist in everything from writing policies to implementing full ISO27001 programs. Our team are also available to step into your business for short, medium and long term to bridge any skills shortages or to run your Information Security Office. >> READ MORE
Secure is our one stop shop for small businesses. Designed from the ground up for the small business. All you need is your domain name as a starting point. We will monitor and develop your Cyber Security strategy and program around your business without you needed the specialist security skill. >> READ MORE
Whether you simply need access to the audit portal because you have it all in hand already or you need your company hand holding through the entire Cyber Essentials journey, we are here. We have a dedicated team of highly skilled specialists to help with every aspect from advice, to implementation and audit. >> READ MORE
Hedgehog Security has over 10 years of experience at the forefront of cyber security. Our penetration testing team has worked with some of the world’s largest and most complex businesses and industries. We have a deep understanding of both existing and emerging threats, as well as their rapidly changing tactics, techniques and procedures.
Our penetration tests leverage deep knowledge of attacker’s behaviours and methods. We use the same tools, tactics and procedures (TTPs). Every test is custom built to every client’s needs and requirements. We assess specific aspects of the security program and the state of security of systems, networks and applications within the scope.
We set modern, realistic goals for our talented penetration testers to attempt to achieve. These are the same goals that actual attackers would have in place to justify their time and investment in their attacks.
The Hedgehog consulting teams activities are custom built to every client’s needs and requirements. We will assess your requirements and our senior CISO’s will design the perfect solution for your business.
New for 2020 is our Cyber Security School. All online and at a price point that all can approve, we have courses available such as:
Ever wanted to pass the ISO27001 audit with zero stress? Hedgehog Security has the answer. We believe that the standard is a base grounding of security for all businesses and our audit preparation service, while a tough six week process in itself, sets you up for success.
There are times when you just need some assistance, either by the day or even by the hour. Hedgehog Security was one of the first firms to offer per hour CISO time, providing you with highly cost effective support and advice, for just when you need it.
Originally called vCISO, our CCA service provides you with a complete Information Security function for your business. Led by one of Hedgehog Security’s CISO team, you have at your disposal an Information Security Officer and a team of technical gurus.
Hedgehog Security has been delivering Cyber Essentials gap analysis, preparation, implementation and audit services since the inception of the standard. With over 2000 success audits behind us, we are perfectly placed to help any business achieve the UK Governments base level of Cyber Security.
We have over 10 years of experience at the forefront of cyber security. Our CISO team had worked with some of the world’s largest and most complex businesses and industries. We have a deep understanding of both existing and emerging threats, as well as their rapidly changing tactics, techniques and procedures.
Our consulting practice are here to carry out all manner of Cyber Essentials services for your business.
Cyber Essentials is the Government-backed, industry supported foundation for basic cyber security hygiene. The Scheme has been carefully designed to guide organisations of any size in protecting themselves against cyber threats. You can read more about the governments scheme here.
[secure] was built with the business owner, not the IT professional, in mind. [secure] helps all businesses achieve a base level of cyber security and frees them up to run their business.
[secure] was built with the business owner, not the IT professional, in mind. [secure] helps all businesses achieve a base level of cyber security and frees them up to run their business.
Secure GI is a 12-month subscription service available in basic and plus levels. The basic level looks at your public facing services. The Plus level looks inside too, and addressees Cyber Essentials and Cyber Essentials Plus certifications from the UK Government.
The system is simple and practical to use regardless of your technical abilities; and at the base level all you need to know to get up and running are three things:
Cyber Security in Gaming is something I have dealt with for many years as a CISO within the Gala Coral Group. Gaming as an industry
We get a lot of people who are looking to understand what it takes to become a penetration tester. We asked our CEO to provide some answers.
October is National Cyber Security Awareness Month, and in this series of blogs we will be providing simple tips and tricks to help you and your staff remain ever vigilant against the threats that criminals pose to our digital lives.
This blog will look at passwords – this is a dreaded topic for some as we all know what we should do, but doing it is, for some, a hard thing.
One of the cool things about my job is that I get to blue-sky think some crazy ideas. Today started like nothing out of the ordinary. I was working on an engagement for a client, with the express goal of joining their company.
October is National Cyber Security Awareness Month, and in this series of blogs we will be providing simple tips and tricks to help you and your staff remain ever vigilant against the threats that criminals pose to our digital lives.
This blog will look at apps, downloads and staying safe using your device.
Lets get down and dirty installing OpenVAS. OpenVAS is a free to use vulnerability scanner that was originally forked from the opensource Nessus project. One of the most common complaints I receive from my students is that OpenVAS is next to impossible to install.
October is National Cyber Security Awareness Month, and in this series of blogs we will be providing simple tips and tricks to help you and your staff remain ever vigilant against the threats that criminals pose to our digital lives.
Lets get down and dirty installing Metasploit. One of the most common complaints I receive from my students is that they can not get Metasploit to install so revert to Windows. If you have been following along in my Pentest Workstation series you will have built your Ubuntu workstation.
Ask us a question, any question at all. As long as it has to do with Information Security / Cyber Security, we will get back to you with an answer.
We have recently had questions on Penetration Testing scope generation, how to complete a risk register for ISO27001 and how to harden the Apache webserver.
On #InternationalWomensDay we're celebrating that @CapitalGroup recently appointed Marta Zarraga as their Global Chief Information Officer - check out the article here: A positive step towards more women working in the #CyberSecurity industry. 👩🏻💻 #InfoSec https://t.co/KJWQ0nLrbt
Read More
This week we have a P1 submission on our Bug Bounty program. The boss got excited. The sysadmin denied it. So the test team looked into it. Reported as a private key on our Github. You should always check your findings. 1. Wasnt a private key. 2. Wasnt our Github. Oops.
Read MoreGood luck to @emily_linscott who is debuting in @F4Championship next week. 🏎🏆 Give her a follow to keep up to date with her latest news & show your support! 🤞🍀 #CyberSecurity #F4Championship #Racing https://t.co/e2anESizPC
Read More
© 2009 – 2021 Hedgehog Cyber Security. All Rights Reserved.
Supporting the EFF | Spam Protection supplied by MX Guarddog
